adrien/ansible-role-k8s-calico
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Update to version v3.16.0
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse source
This commit is contained in:
Adrien Reslinger 2020-08-28 11:33:19 +02:00
parent fb19dffda1
commit 29b391dde4
7 changed files with 120 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

57
files/bgpconfigurations.crd.projectcalico.org-CustomResourceDefinition.yaml
View file

@ -39,6 +39,32 @@ spec:
64512]' 64512]'
format: int32 format: int32
type: integer type: integer
communities:
description: Communities is a list of BGP community values and their
arbitrary names for tagging routes.
items:
description: Community contains standard or large community value
and its name.
properties:
name:
description: Name given to community value.
type: string
value:
description: Value must be of format `aa:nn` or `aa:nn:mm`.
For standard community use `aa:nn` format, where `aa` and
`nn` are 16 bit number. For large community use `aa:nn:mm`
format, where `aa`, `nn` and `mm` are 32 bit number. Where,
`aa` is an AS Number, `nn` and `mm` are per-AS identifier.
pattern: ^(\d+):(\d+)$|^(\d+):(\d+):(\d+)$
type: string
type: object
type: array
listenPort:
description: ListenPort is the port where BGP protocol should listen.
Defaults to 179
maximum: 65535
minimum: 1
type: integer
logSeverityScreen: logSeverityScreen:
description: 'LogSeverityScreen is the log severity above which logs description: 'LogSeverityScreen is the log severity above which logs
are sent to the stdout. [Default: INFO]' are sent to the stdout. [Default: INFO]'
@ -47,13 +73,36 @@ spec:
description: 'NodeToNodeMeshEnabled sets whether full node to node description: 'NodeToNodeMeshEnabled sets whether full node to node
BGP mesh is enabled. [Default: true]' BGP mesh is enabled. [Default: true]'
type: boolean type: boolean
prefixAdvertisements:
description: PrefixAdvertisements contains per-prefix advertisement
configuration.
items:
description: PrefixAdvertisement configures advertisement properties
for the specified CIDR.
properties:
cidr:
description: CIDR for which properties should be advertised.
type: string
communities:
description: Communities can be list of either community names
already defined in `Specs.Communities` or community value
of format `aa:nn` or `aa:nn:mm`. For standard community use
`aa:nn` format, where `aa` and `nn` are 16 bit number. For
large community use `aa:nn:mm` format, where `aa`, `nn` and
`mm` are 32 bit number. Where,`aa` is an AS Number, `nn` and
`mm` are per-AS identifier.
items:
type: string
type: array
type: object
type: array
serviceClusterIPs: serviceClusterIPs:
description: ServiceClusterIPs are the CIDR blocks from which service description: ServiceClusterIPs are the CIDR blocks from which service
cluster IPs are allocated. If specified, Calico will advertise these cluster IPs are allocated. If specified, Calico will advertise these
blocks, as well as any cluster IPs within them. blocks, as well as any cluster IPs within them.
items: items:
description: ServiceClusterIPBlock represents a single whitelisted description: ServiceClusterIPBlock represents a single allowed ClusterIP
CIDR block for ClusterIPs. CIDR block.
properties: properties:
cidr: cidr:
type: string type: string
@ -64,8 +113,8 @@ spec:
Service External IPs. Kubernetes Service ExternalIPs will only be Service External IPs. Kubernetes Service ExternalIPs will only be
advertised if they are within one of these blocks. advertised if they are within one of these blocks.
items: items:
description: ServiceExternalIPBlock represents a single whitelisted description: ServiceExternalIPBlock represents a single allowed
CIDR External IP block. External IP CIDR block.
properties: properties:
cidr: cidr:
type: string type: string

12
files/bgppeers.crd.projectcalico.org-CustomResourceDefinition.yaml
View file

@ -37,6 +37,12 @@ spec:
description: The AS Number of the peer. description: The AS Number of the peer.
format: int32 format: int32
type: integer type: integer
keepOriginalNextHop:
description: Option to keep the original nexthop field when routes
are sent to a BGP Peer. Setting "true" configures the selected BGP
Peers node to use the "next hop keep;" instead of "next hop self;"(default)
in the specific branch of the Node on "bird.cfg".
type: boolean
node: node:
description: The node name identifying the Calico node instance that description: The node name identifying the Calico node instance that
is peering with this peer. If this is not set, this represents a is peering with this peer. If this is not set, this represents a
@ -47,7 +53,11 @@ spec:
this is set, the Node field must be empty. this is set, the Node field must be empty.
type: string type: string
peerIP: peerIP:
description: The IP address of the peer. description: The IP address of the peer followed by an optional port
number to peer with. If port number is given, format should be `[<IPv6>]:port`
or `<IPv4>:<port>` for IPv4. If optional port number is not set,
and this peer IP and ASNumber belongs to a calico/node with ListenPort
set in BGPConfiguration, then we use that port to peer.
type: string type: string
peerSelector: peerSelector:
description: Selector for the remote nodes to peer with. When this description: Selector for the remote nodes to peer with. When this

1
files/calico-config-ConfigMap.yaml
View file

@ -27,6 +27,7 @@ data:
{ {
"type": "calico", "type": "calico",
"log_level": "info", "log_level": "info",
"log_file_path": "/var/log/calico/cni/cni.log",
"datastore_type": "kubernetes", "datastore_type": "kubernetes",
"nodename": "__KUBERNETES_NODE_NAME__", "nodename": "__KUBERNETES_NODE_NAME__",
"mtu": __CNI_MTU__, "mtu": __CNI_MTU__,

2
files/calico-kube-controllers-Deployment.yaml
View file

@ -34,7 +34,7 @@ spec:
priorityClassName: system-cluster-critical priorityClassName: system-cluster-critical
containers: containers:
- name: calico-kube-controllers - name: calico-kube-controllers
image: calico/kube-controllers:v3.15.1 image: calico/kube-controllers:v3.16.0
env: env:
# Choose which controllers to run. # Choose which controllers to run.
- name: ENABLED_CONTROLLERS - name: ENABLED_CONTROLLERS

36
files/calico-node-DaemonSet.yaml
View file

@ -44,8 +44,13 @@ spec:
# It can be deleted if this is a fresh installation, or if you have already # It can be deleted if this is a fresh installation, or if you have already
# upgraded to use calico-ipam. # upgraded to use calico-ipam.
- name: upgrade-ipam - name: upgrade-ipam
image: calico/cni:v3.15.1 image: calico/cni:v3.16.0
command: ["/opt/cni/bin/calico-ipam", "-upgrade"] command: ["/opt/cni/bin/calico-ipam", "-upgrade"]
envFrom:
- configMapRef:
# Allow KUBERNETES_SERVICE_HOST and KUBERNETES_SERVICE_PORT to be overridden for eBPF mode.
name: kubernetes-services-endpoint
optional: true
env: env:
- name: KUBERNETES_NODE_NAME - name: KUBERNETES_NODE_NAME
valueFrom: valueFrom:
@ -66,8 +71,13 @@ spec:
# This container installs the CNI binaries # This container installs the CNI binaries
# and CNI network config file on each node. # and CNI network config file on each node.
- name: install-cni - name: install-cni
image: calico/cni:v3.15.1 image: calico/cni:v3.16.0
command: ["/install-cni.sh"] command: ["/opt/cni/bin/install"]
envFrom:
- configMapRef:
# Allow KUBERNETES_SERVICE_HOST and KUBERNETES_SERVICE_PORT to be overridden for eBPF mode.
name: kubernetes-services-endpoint
optional: true
env: env:
# Name of the CNI config file to create. # Name of the CNI config file to create.
- name: CNI_CONF_NAME - name: CNI_CONF_NAME
@ -102,7 +112,7 @@ spec:
# Adds a Flex Volume Driver that creates a per-pod Unix Domain Socket to allow Dikastes # Adds a Flex Volume Driver that creates a per-pod Unix Domain Socket to allow Dikastes
# to communicate with Felix over the Policy Sync API. # to communicate with Felix over the Policy Sync API.
- name: flexvol-driver - name: flexvol-driver
image: calico/pod2daemon-flexvol:v3.15.1 image: calico/pod2daemon-flexvol:v3.16.0
volumeMounts: volumeMounts:
- name: flexvol-driver-host - name: flexvol-driver-host
mountPath: /host/driver mountPath: /host/driver
@ -113,7 +123,12 @@ spec:
# container programs network policy and routes on each # container programs network policy and routes on each
# host. # host.
- name: calico-node - name: calico-node
image: calico/node:v3.15.1 image: calico/node:v3.16.0
envFrom:
- configMapRef:
# Allow KUBERNETES_SERVICE_HOST and KUBERNETES_SERVICE_PORT to be overridden for eBPF mode.
name: kubernetes-services-endpoint
optional: true
env: env:
# Use Kubernetes API as the backing datastore. # Use Kubernetes API as the backing datastore.
- name: DATASTORE_TYPE - name: DATASTORE_TYPE
@ -217,6 +232,13 @@ spec:
readOnly: false readOnly: false
- name: policysync - name: policysync
mountPath: /var/run/nodeagent mountPath: /var/run/nodeagent
# For eBPF mode, we need to be able to mount the BPF filesystem at /sys/fs/bpf so we mount in the
# parent directory.
- name: sysfs
mountPath: /sys/fs/
# Bidirectional means that, if we mount the BPF filesystem at /sys/fs/bpf it will propagate to the host.
# If the host is known to mount that filesystem already then Bidirectional can be omitted.
mountPropagation: Bidirectional
volumes: volumes:
# Used by calico-node. # Used by calico-node.
- name: lib-modules - name: lib-modules
@ -232,6 +254,10 @@ spec:
hostPath: hostPath:
path: /run/xtables.lock path: /run/xtables.lock
type: FileOrCreate type: FileOrCreate
- name: sysfs
hostPath:
path: /sys/fs/
type: DirectoryOrCreate
# Used to install CNI. # Used to install CNI.
- name: cni-bin-dir - name: cni-bin-dir
hostPath: hostPath:

23
files/felixconfigurations.crd.projectcalico.org-CustomResourceDefinition.yaml
View file

@ -34,6 +34,15 @@ spec:
spec: spec:
description: FelixConfigurationSpec contains the values of the Felix configuration. description: FelixConfigurationSpec contains the values of the Felix configuration.
properties: properties:
awsSrcDstCheck:
description: 'Set source-destination-check on AWS EC2 instances. Accepted
value must be one of "DoNothing", "Enabled" or "Disabled". [Default:
DoNothing]'
enum:
- DoNothing
- Enable
- Disable
type: string
bpfConnectTimeLoadBalancingEnabled: bpfConnectTimeLoadBalancingEnabled:
description: 'BPFConnectTimeLoadBalancingEnabled when in BPF mode, description: 'BPFConnectTimeLoadBalancingEnabled when in BPF mode,
controls whether Felix installs the connection-time load balancer. The controls whether Felix installs the connection-time load balancer. The
@ -196,6 +205,13 @@ spec:
- protocol - protocol
type: object type: object
type: array type: array
featureDetectOverride:
description: FeatureDetectOverride is used to override the feature
detection. Values are specified in a comma separated list with no
spaces, example; "SNATFullyRandom=true,MASQFullyRandom=false,RestoreSupportsLock=".
"true" or "false" will force the feature, empty or omitted values
are auto-detected.
type: string
genericXDPEnabled: genericXDPEnabled:
description: 'GenericXDPEnabled enables Generic XDP so network cards description: 'GenericXDPEnabled enables Generic XDP so network cards
that don''t support XDP offload or driver modes can use XDP. This that don''t support XDP offload or driver modes can use XDP. This
@ -227,6 +243,11 @@ spec:
integrations set the cali value, and our OpenStack integration integrations set the cali value, and our OpenStack integration
sets the tap value. [Default: cali]' sets the tap value. [Default: cali]'
type: string type: string
interfaceRefreshInterval:
description: InterfaceRefreshInterval is the period at which Felix
rescans local interfaces to verify their state. The rescan can be
disabled by setting the interval to 0.
type: string
ipipEnabled: ipipEnabled:
type: boolean type: boolean
ipipMTU: ipipMTU:
@ -498,8 +519,6 @@ spec:
Calico''s BPF maps or attached programs. Set to 0 to disable XDP Calico''s BPF maps or attached programs. Set to 0 to disable XDP
refresh. [Default: 90s]' refresh. [Default: 90s]'
type: string type: string
required:
- bpfLogLevel
type: object type: object
type: object type: object
served: true served: true

4
files/ippools.crd.projectcalico.org-CustomResourceDefinition.yaml
View file

@ -64,7 +64,7 @@ spec:
type: object type: object
ipipMode: ipipMode:
description: Contains configuration for IPIP tunneling for this pool. description: Contains configuration for IPIP tunneling for this pool.
If not specified, then this is defaulted to "Never" (i.e. IPIP tunelling If not specified, then this is defaulted to "Never" (i.e. IPIP tunneling
is disabled). is disabled).
type: string type: string
nat-outgoing: nat-outgoing:
@ -84,7 +84,7 @@ spec:
vxlanMode: vxlanMode:
description: Contains configuration for VXLAN tunneling for this pool. description: Contains configuration for VXLAN tunneling for this pool.
If not specified, then this is defaulted to "Never" (i.e. VXLAN If not specified, then this is defaulted to "Never" (i.e. VXLAN
tunelling is disabled). tunneling is disabled).
type: string type: string
required: required:
- cidr - cidr